Found some of these with Mozilla misspelled Mozila in the spyware listening post logs. Wasn't able to find them in any legitimate logs, so this might be an interesting way to catch some of the spyware trying to be stealthy.

Please report any issues with the sig here, and let us also know about any positive hits.